Skip to main content
    New Scam Tricks Users Into Installing Password Stealing Software. Here's How to Avoid It
    AI
    2 min read

    New Scam Tricks Users Into Installing Password Stealing Software. Here's How to Avoid It

    ACR Stealer uses fake error messages to trick people into running commands that steal passwords and sensitive files from their computers.

    Source

    Microsoft Security Blog

    Original headline: ACR Stealer: Two observed intrusion chains amid increased threat activity

    Plain-English summary by GetCyberRight. Read the full report at the source above.

    Published Thursday, July 16, 2026Updated Friday, July 17, 20262 min read
    Share:

    Microsoft detected increased activity from a type of malicious software called ACR Stealer between late April 2026 and mid-June

    1. This threat uses a technique called ClickFix, which displays fake error messages on websites. When users try to fix the fake problem by following on-screen instructions, they unknowingly install software that steals their passwords, login tokens, and sensitive documents. This threat primarily targets business and enterprise users who work on company computers. If the attack succeeds, it can steal browser passwords, authentication tokens that keep you logged into websites, and sensitive documents from your computer. The campaigns Microsoft observed were hitting company environments, but the same techniques could potentially affect home users who encounter these fake error messages on compromised or malicious websites. Here's what you should do to protect yourself right now:
    2. Never copy and paste commands from websites into your computer's command prompt or terminal, even if a popup says you need to fix an error.
    3. If you see an unexpected error message on a website asking you to run commands or download a fix, close the browser window immediately.
    4. Keep your web browser and operating system up to date with the latest security patches.
    5. Use antivirus software and keep it updated. Windows Defender, which comes free with Windows, provides good protection if kept current.
    6. If you think you may have fallen for one of these tricks, change your passwords immediately, starting with email, banking, and other important accounts. To stay protected long-term, be skeptical of any website that asks you to take unusual technical steps to view content or fix errors. Legitimate websites don't ask users to run commands or download special fixes. When in doubt, close the page and navigate to the site directly by typing the address yourself. Teach children and other family members to come get you if they see strange error messages instead of following instructions on screen.

    Protect Yourself

    Stay one step ahead with our free family cybersecurity tools. Check links, scan for breached accounts, and get personalized risk assessments.

    Found this useful?

    Share it with someone who could use a heads-up.

    Share:

    Curated from trusted cybersecurity sources by GetCyberRight

    Source: Microsoft Security Blog

    Discussion

    0

    Sign in to join the discussion.

    Stay ahead of cyber threats

    Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.